All Collections
Getting Started
Single sign on (SSO)
Single sign on (SSO)
Rikke Søndergaard avatar
Written by Rikke Søndergaard
Updated yesterday

Single sign-on

Ease logging in and up security with SSO.

In this Article

What is SSO?

Single Sign-On (SSO) is an identification method that enables users to log in to multiple applications and websites with one set of credentials.

This brings additional security and easier management of user credentials. And you don't need to update your password for each tool every time you need to update it.

Which providers are supported?

We support Microsoft Azure integration. In case you need another provider — please, let your account manager know. New providers will be added in order of frequency of requests.

How does it work?

Each user account, that exists on both sides in Azure and APSIS and is identified by the same email address, can be logged into APSIS without an additional login page — use the provider of your choice.

Enable SSO with Microsoft Azure

Steps required for your APSIS account to enroll to SSO using Microsoft Azure require collaboration between your IT department and us and are as follows:

  1. Create an application in your Azure Active Directory following this quickstart. Use the following configuration details:

    Platform: Web

    Redirect URLs (more URLs can be entered after you first save the application):

    https://enter.apsis.one/login/callback

    https://apsis-one-prod.eu.auth0.com/login/callback


  2. Prepare the following credentials and contact our Customer service at customerservice.apsis@efficy.com to ask for a secure way to transfer them to us:


    Tenant ID

    Application ID

    Client secret

    Credential expiration date

    Your IT contact name and email (we will reach out for credential renewal)


  3. Give us the user emails that will be used for testing. They must exist in both Azure and APSIS One.


  4. We will create an SSO integration on our side and enable it for your test users. We will also provide you with an approval link.

  5. Using our link, your Azure AD admin approves the application to access "Sign in and read user profile".


  6. After that, the test users should be able to log in to APSIS One using SSO and their Azure credentials.


  7. After all the testing is finished, let us know and we will enable SSO for all the account users.


How to maintain it?

You need to rotate APSIS credentials periodically (expiry date and frequency depend on your settings in Azure). We will ask you to provide a new set of credentials in advance.

FAQ

How to add a new user?

Add a new user on both sides: the identity provider and APSIS One. Don't forget to configure user access on the APSIS side.

How to delete a user?

You can delete users on Azure's side - it will disable login to APSIS for this user. We recommend you deactivate the user on the APSIS side as well, to prevent logging in in case you disable SSO one day.

Can my external contractors use APSIS One on my behalf while SSO is enabled?

Yes, you can invite external users. But they need to log in the old fashion way — using login and password.

Should I pay for it?

No, it is an additional feature free for all our users.

Did this answer your question?